I checked, and it says the existing cert will have no impact until it expires, but I need more information about the details,
and I wish to know the mechanism:
1. Can the client chain up a previously issued cert with the new Ent CA cert? If chaining is by AKID to SKID, but the newly renewed CA public key has changed, that cannot verify the signature anymore.
2. That means a previously issued cert will not be valid if the previous Ent CA cert has expired, because it cannot chain up with the new Ent CA cert.
Thank you.
